diff --git a/terraform/dev.tfvars b/terraform/dev.tfvars
new file mode 100644
index 0000000..1cf4bff
--- /dev/null
+++ b/terraform/dev.tfvars
@@ -0,0 +1,6 @@
+project_id = "gcp-devel-project"
+region = "asia-northeast1"
+env_name = "dev"
+
+component_name = "base"
+
diff --git a/terraform/function.tf b/terraform/function.tf
new file mode 100644
index 0000000..fc147fa
--- /dev/null
+++ b/terraform/function.tf
@@ -0,0 +1,33 @@
+# Cloud Functionのリソース
+# 第2世代Cloud Function (Cloud Functions 2nd Gen) を使用
+# https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/cloudfunctions2_function
+# 第1世代Cloud Function (Cloud Functions 1st Gen) を使用する場合はこちらを参照
+# https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/cloudfunctions_function
+
+
+resource "google_cloudfunctions2_function" "function" {
+ name = "cf-${var.env_name}-${var.component_name}"
+ location = var.region
+ description = "${var.component_name}のCloud Function"
+
+ build_config {
+ runtime = var.runtime
+ entry_point = var.entry_point
+ source {
+ storage_source {
+ bucket = google_storage_bucket.bucket.name
+ object = google_storage_bucket_object.source.name
+ }
+ }
+ }
+
+ service_config {
+ max_instance_count = var.max_instance_count
+ min_instance_count = var.min_instance_count
+ timeout_seconds = var.timeout_seconds
+ available_memory = var.available_memory
+
+ service_account_email = google_service_account.account.email
+ }
+}
+
diff --git a/terraform/platform.tf b/terraform/platform.tf
new file mode 100644
index 0000000..4ef4544
--- /dev/null
+++ b/terraform/platform.tf
@@ -0,0 +1,9 @@
+# Google CloudのAPIを有効化
+
+resource "google_project_service" "services" {
+ for_each = toset([
+ "run.googleapis.com",
+ "cloudfunctions.googleapis.com",
+ ])
+ service = each.key
+}
\ No newline at end of file
diff --git a/terraform/provider.tf b/terraform/provider.tf
new file mode 100644
index 0000000..218805c
--- /dev/null
+++ b/terraform/provider.tf
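Review bot: In terraform/function.tf the `service_config` block sets no `ingress_settings`, so the function keeps the provider default (`ALLOW_ALL`) and is reachable from the public internet with IAM as the only gate. If the callers are inside the project or behind a load balancer, add `ingress_settings = "ALLOW_INTERNAL_ONLY"` (or `"ALLOW_INTERNAL_AND_GCLB"`) next to `service_account_email`. The resource also has no `depends_on = [google_project_service.services]`, so a first apply can race the API enablement declared in platform.tf.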
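Review bot: In terraform/platform.tf the `for_each` list enables only `run.googleapis.com` and `cloudfunctions.googleapis.com`, but a 2nd-gen function build also goes through Cloud Build and Artifact Registry, so the deploy currently depends on APIs that someone enabled by hand. Adding `"cloudbuild.googleapis.com",` and `"artifactregistry.googleapis.com",` makes the stack self-contained and reviewable. Depending on the provider version's default, destroying this stack may also disable these APIs for every other workload in the project; setting `disable_on_destroy = false` on the resource makes that behaviour explicit.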
@@ -0,0 +1,9 @@
+terraform {
+ backend "gcs" {}
+}
+
+# Google Providerの設定
+provider "google" {
+ project = var.project_id
+ region = var.region
+}
\ No newline at end of file
diff --git a/terraform/sa.tf b/terraform/sa.tf
new file mode 100644
index 0000000..89f22af
--- /dev/null
+++ b/terraform/sa.tf
@@ -0,0 +1,24 @@
+resource "google_service_account" "account" {
+ account_id = "sa-${var.env_name}-${var.component_name}"
+ display_name = "Cloud Run Job Service Account for ${var.env_name} in ${var.component_name} environment"
+ description = "Cloud Run Job Service Account for ${var.env_name} in ${var.component_name} environment"
+ project = var.project_id
+}
+
+# Cloud FunctionのIAM設定
+resource "google_cloudfunctions2_function_iam_member" "invoker" {
+ project = google_cloudfunctions2_function.function.project
+ location = google_cloudfunctions2_function.function.location
+ cloud_function = google_cloudfunctions2_function.function.name
+ role = "roles/cloudfunctions.invoker"
+ member = "serviceAccount:${google_service_account.account.email}"
+}
+
+# Cloud Run ServiceのIAM設定
+resource "google_cloud_run_service_iam_member" "cloud_run_invoker" {
+ project = google_cloudfunctions2_function.function.project
+ location = google_cloudfunctions2_function.function.location
+ service = google_cloudfunctions2_function.function.name
+ role = "roles/run.invoker"
+ member = "serviceAccount:${google_service_account.account.email}"
+}
\ No newline at end of file
diff --git a/terraform/sample.tfvars b/terraform/sample.tfvars
new file mode 100644
index 0000000..6cfa70e
--- /dev/null
+++ b/terraform/sample.tfvars
@@ -0,0 +1,6 @@
+project_id = "プロジェクトIDを指定してください"
+region = "asia-northeast1"
+env_name = "dev"
+
+component_name = "ジョブ名を指定してください"
+
diff --git a/terraform/storage.tf b/terraform/storage.tf
new file mode 100644
index 0000000..7a6d063
--- /dev/null
+++ b/terraform/storage.tf
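Review bot: terraform/provider.tf declares neither `required_version` nor `required_providers`, so an init without a committed lock file resolves whichever provider release is newest at that moment. The commit relies on `google`, `google-beta` (storage.tf) and `archive` (storage.tf), and none of them is pinned. Pin all three in the `terraform` block and commit `.terraform.lock.hcl` so the provider binaries are checksum-verified on every run. Only `google` gets a `provider` block in this hunk, so `google-beta` would run without `project` or `region` unless it is configured elsewhere.

```hcl
terraform {
  # <...> values are placeholders: pin to the releases this stack is tested with
  required_version = "<TERRAFORM_VERSION_CONSTRAINT>"

  required_providers {
    google = {
      source  = "hashicorp/google"
      version = "<GOOGLE_PROVIDER_VERSION_CONSTRAINT>"
    }
    google-beta = {
      source  = "hashicorp/google-beta"
      version = "<GOOGLE_BETA_PROVIDER_VERSION_CONSTRAINT>"
    }
    archive = {
      source  = "hashicorp/archive"
      version = "<ARCHIVE_PROVIDER_VERSION_CONSTRAINT>"
    }
  }

  backend "gcs" {}
}
# … unchanged: provider "google" block …
```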
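Review bot: In terraform/sa.tf both IAM members bind `roles/cloudfunctions.invoker` and `roles/run.invoker` to `google_service_account.account`, the same account that function.tf sets as `service_account_email`, so the runtime identity doubles as the caller identity and the function's own code is authorised to invoke it. Bind the invoker roles to a separate caller identity (the scheduler, push subscription or upstream service that actually calls the function) and keep the runtime account for what the function itself needs to reach. The `display_name` and `description` also mislabel the account as a "Cloud Run Job Service Account" and swap the two variables; `"Runtime service account for Cloud Function ${var.component_name} (${var.env_name})"` would read correctly in IAM listings and audit logs.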
@@ -0,0 +1,18 @@
+resource "google_storage_bucket" "bucket" {
+ provider = google-beta
+ name = "${var.component_name}-gcf-source" # Every bucket name must be globally unique
+ location = var.region
+ uniform_bucket_level_access = true
+}
+
+data "archive_file" "default" {
+ type = "zip"
+ output_path = "/tmp/function-source.zip"
+ source_dir = "../src/"
+}
+
+resource "google_storage_bucket_object" "source" {
+ name = "function-source.zip"
+ bucket = google_storage_bucket.bucket.name
+ source = data.archive_file.default.output_path
+}
\ No newline at end of file
diff --git a/terraform/variables.tf b/terraform/variables.tf
new file mode 100644
index 0000000..f994c8e
--- /dev/null
+++ b/terraform/variables.tf
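Review bot: In terraform/storage.tf the bucket holding the function's deployable source is created with `provider = google-beta`, while provider.tf in this commit configures only `google`; unless a `google-beta` block exists elsewhere, the bucket's project is not pinned by `var.project_id`, and dropping the `provider` line fixes that. I would also add `public_access_prevention = "enforced"` and put the environment in the name, e.g. `name = "${var.project_id}-${var.env_name}-${var.component_name}-gcf-source"`, since the current name is identical for dev, staging and prd. The object name `function-source.zip` never changes, so a source edit likely leaves `build_config` untouched and the function may keep serving the old build; `name = "function-source-${data.archive_file.default.output_md5}.zip"` ties each deploy to its content. The archive is written to the shared, predictable path `/tmp/function-source.zip`, and a path under `path.module` would keep it inside the workspace on a multi-user build host.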
@@ -0,0 +1,62 @@
+# GCPプロジェクトIDとリージョン、環境名、ジョブ名の変数定義
+variable "project_id" {
+ description = "The ID of the GCP project to deploy resources into."
+ type = string
+}
+variable "region" {
+ description = "The GCP region to deploy resources into."
+ type = string
+ default = "asia-northeast1" # 東京
+}
+
+variable "env_name" {
+ description = "The environment name for the deployment."
+ type = string
+ default = "dev"
+ validation {
+ condition = contains(["dev", "staging", "prd"], var.env_name)
+ error_message = "env_name must be one of: dev, staging, prd."
+ }
+}
+
+variable "component_name" {
+ description = "The name of the Cloud Function."
+ type = string
+}
+
+# Cloud Functino の設定変数
+variable "runtime" {
+ description = "The runtime environment for the Cloud Function."
+ type = string
+ default = "python312"
+}
+
+variable "entry_point" {
+ description = "The entry point function for the Cloud Function."
+ type = string
+ default = "main"
+}
+
+variable "max_instance_count" {
+ description = "The maximum number of instances for the Cloud Function."
+ type = number
+ default = 3
+}
+
+variable "min_instance_count" {
+ description = "The minimum number of instances for the Cloud Function."
+ type = number
+ default = 0
+}
+
+variable "timeout_seconds" {
+ description = "The timeout duration for the Cloud Function in seconds."
+ type = number
+ default = 60
+}
+
+variable "available_memory" {
+ description = "The amount of memory available to the Cloud Function."
+ type = string
+ default = "256M"
+}
\ No newline at end of file
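Review bot: `component_name` in terraform/variables.tf has no `validation` block, although it is interpolated into the service account `account_id` (sa.tf), the bucket name (storage.tf) and the function name, all of which restrict characters and length; sample.tfvars even ships a non-ASCII placeholder for it. Add a validation like the one on `env_name`, with `condition = can(regex("^[a-z][a-z0-9-]{0,17}[a-z0-9]$", var.component_name))`, which keeps `sa-staging-<name>` within the 30-character account-id limit and fails at plan time rather than halfway through an apply. `max_instance_count` and `timeout_seconds` could be bounded the same way, so a tfvars typo cannot quietly remove the scaling cap. The comment `# Cloud Functino の設定変数` has a typo for `Function`.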